Zscaler Multi-factor authentication

Hi Everyone,
is there any native option to activate the multi-factor authentication in ZIA, I didn’t find any option and I need to know why there is no option from Zscaler point of view.

Hi,
No native option from Zscaler. This can be done through your IDP if you are integrating ZIA with IDP like azure AD, okta, ping etc.
This is applicable for both users and administrators.

1 Like

Hi Ramesh,

thank you for response, we need to apply the MFA on the admin portal something like OTP when logging as an admin in the portal.
we already use the integration with the active directory.

You can’t initiate MFA from Zscaler. This has to be trigger from IDP. AD integration will not help.

1 Like

As Ramesh mentioned, the proper way to implement MFA on the ZIA admin portal is by linking the admin login to your IdP. ZIA fully supports IdP-initiated SSO, i.e. the admin will have to go to the IdP first to access the admin portal. You can then decide to disable any local admin accounts (outside of the super admin, which will always be there as your ICE admin login).
The Admin SAML configuration for Azure is outlined here: Admin SAML Configuration Guide for Azure Active Directory | Zscaler.

3 Likes